IsItYou offers true face recognition on mobile, allowing institutions such as banks to authenticate users using only a selfie photo.

Everyone hates using passwords, especially on a mobile device. And everyone knows it’s not hard for a hacker to steal your password anyway.

When Israeli startup IsItYou looked for an easier and more secure way to authenticate users, founder Benjamin Levy didn’t have to look farther than the mirror.

“The face is the strongest element that humans use in identifying one another, and each face is unique,” he tells ISRAEL21c shortly after the company’s official March launch at the 2015 Mobile World Congress in Barcelona.

It only takes a selfie to set IsItYou’s face-recognition technology into motion, allowing users to authenticate themselves quickly without having to remember a password. The technology was designed with unique proprietary anti-spoofing technology to achieve low false-reject and false-acceptance rates.

At the company’s booth at the Microsoft Think Next event last May in Tel Aviv, Levy demonstrated how even a lifelike face mask can’t fool the system. Banks in the Netherlands, United States and Japan are already using IsItYou to help stanch multibillion-dollar losses from sophisticated fraud.

“If you had told me our first class of customers was going to be banks I would have laughed,” Levy confides. “Banks are conservative and cautious, but banking is changing rapidly and they need to authenticate people who don’t come to the branch anymore. Though the teller may have known you in person, nobody knows if the person claiming to be you on a remote transaction is really you.”

In the crowded space of face-recognition technology, IsItYou took on the difficult challenge of mobile user authentication.

“Everybody has seen face recognition on TV and the movies. IsItYou doesn’t work like that,” says Levy. “The big guys like Google, Apple and Facebook all have some sort of face recognition. A lot of it is simply cataloguing and it’s really fun, but it’s not mission-critical. If they make a mistake and it’s not Joe but Jim, annoyance is the worst that can happen. If I make a mistake, money goes missing.”

Born in the mobile world

IsItYou was founded in 2012. “We set out with a very clear objective: To make the mobile world of commerce, payments, banking and social media safe for users. That meant developing a technology that would provide strong security but in a way that normal people would actually use,” says Levy.

It took nearly three years for the Israeli company’s team of engineers, designers, mathematicians, user-experience and machine-vision experts to develop the technology and get seed investment, says Levy, who has an advanced degree in cyber-media and its impact on brand attitudes.

“There’s a lot of original thinking here. After you develop and algorithm, you still need to turn the algorithm into a solution you can use.”

IsItYou marketing manager Michal Nissenson explains that the biometric authentication solution had to be up to the challenge of mobile conditions.

“Our technology was born in the mobile world. It works in a dark room, in a bright room, if there’s shade on your face, if you’re holding your phone at an angle — and that aspect is unique,” she says. “Your mobile phone is not like your computer. You move with it. Most face recognition involves walking up to a box and standing there for 10 seconds while it takes your picture with controlled background and lighting. That doesn’t happen on phones.”

Levy’s vision is that as more companies adopt IsItYou technology, you could call a customer-service line and be asked to look at your smartphone for a second as an IsItYou-enabled application authenticates you, rather than answering questions like what was your grandmother’s maiden name.

For app developers, integrating IsItYou technology allows the user to be authenticated at any point — on launch, when authorizing payment on a digital wallet, or when trying to compose a new message.

And the technology protects users in case their mobile device is lost or stolen. “Say Michal steals my phone and goes into my bank, instead of a password she’ll need to authenticate herself on my phone. She’s not me, and so off she goes without getting into my account,” says Levy. “Even if someone hacks your phone, they haven’t hacked my server. So I protect the phone and also what you can do through the phone.”

As for his business model, Levy explains, “If banks are losing $30 billion this year and we help them reduce it to $29 billion, I get some of that savings as my fee.”

Comments

Abigail Klein Leichman is a writer and associate editor at ISRAEL21c. Prior to moving to Israel in 2007, she was a specialty writer and copy editor at a daily newspaper in New Jersey and has freelanced for a variety of newspapers and periodicals since 1984.